Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v6.15 2025-05-09T20:22:05Z 2025-05-09T20:22:05Z Pawan Gupta pawan.kumar.gupta@linux.intel.com 2024-12-02T20:07:08Z urn:sha1:facd226f7e0c8ca936ac114aba43cb3e8b94e41e When retpoline mitigation is enabled for spectre-v2, enabling call-depth-tracking and RSB stuffing also mitigates ITS. Add cmdline option indirect_target_selection=stuff to allow enabling RSB stuffing mitigation. When retpoline mitigation is not enabled, =stuff option is ignored, and default mitigation for ITS is deployed. Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org> Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com> 2025-05-09T20:22:05Z Pawan Gupta pawan.kumar.gupta@linux.intel.com 2024-11-18T17:53:12Z urn:sha1:2665281a07e19550944e8354a2024635a7b2714a Ice Lake generation CPUs are not affected by guest/host isolation part of ITS. If a user is only concerned about KVM guests, they can now choose a new cmdline option "vmexit" that will not deploy the ITS mitigation when CPU is not affected by guest/host isolation. This saves the performance overhead of ITS mitigation on Ice Lake gen CPUs. When "vmexit" option selected, if the CPU is affected by ITS guest/host isolation, the default ITS mitigation is deployed. Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org> Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com> 2025-05-09T20:22:05Z Pawan Gupta pawan.kumar.gupta@linux.intel.com 2024-06-22T03:23:23Z urn:sha1:f4818881c47fd91fcb6d62373c57c7844e3de1c0 Indirect Target Selection (ITS) is a bug in some pre-ADL Intel CPUs with eIBRS. It affects prediction of indirect branch and RETs in the lower half of cacheline. Due to ITS such branches may get wrongly predicted to a target of (direct or indirect) branch that is located in the upper half of the cacheline. Scope of impact =============== Guest/host isolation -------------------- When eIBRS is used for guest/host isolation, the indirect branches in the VMM may still be predicted with targets corresponding to branches in the guest. Intra-mode ---------- cBPF or other native gadgets can be used for intra-mode training and disclosure using ITS. User/kernel isolation --------------------- When eIBRS is enabled user/kernel isolation is not impacted. Indirect Branch Prediction Barrier (IBPB) ----------------------------------------- After an IBPB, indirect branches may be predicted with targets corresponding to direct branches which were executed prior to IBPB. This is mitigated by a microcode update. Add cmdline parameter indirect_target_selection=off|on|force to control the mitigation to relocate the affected branches to an ITS-safe thunk i.e. located in the upper half of cacheline. Also add the sysfs reporting. When retpoline mitigation is deployed, ITS safe-thunks are not needed, because retpoline sequence is already ITS-safe. Similarly, when call depth tracking (CDT) mitigation is deployed (retbleed=stuff), ITS safe return thunk is not used, as CDT prevents RSB-underflow. To not overcomplicate things, ITS mitigation is not supported with spectre-v2 lfence;jmp mitigation. Moreover, it is less practical to deploy lfence;jmp mitigation on ITS affected parts anyways. Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org> Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com> 2025-05-09T20:22:04Z Pawan Gupta pawan.kumar.gupta@linux.intel.com 2025-04-11T22:36:38Z urn:sha1:1ac116ce6468670eeda39345a5585df308243dca Add the admin-guide for Indirect Target Selection (ITS). Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org> Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com> 2025-04-22T14:05:24Z Hans Holmberg Hans.Holmberg@wdc.com 2025-04-22T11:50:07Z urn:sha1:f0447f80aec83f1699d599c94618bb5c323963e6 Remove the duplicated section and while at it, turn spaces into tabs. Signed-off-by: Hans Holmberg <hans.holmberg@wdc.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Carlos Maiolino <cmaiolino@redhat.com> Fixes: c7b67ddc3c99 ("xfs: document zoned rt specifics in admin-guide") Signed-off-by: Carlos Maiolino <cem@kernel.org> 2025-04-17T06:16:59Z Hans Holmberg Hans.Holmberg@wdc.com 2025-04-09T12:39:56Z urn:sha1:c7b67ddc3c999aa2f8d77be7ef1913298fe78f0e Document the lifetime, nolifetime and max_open_zones mount options added for zoned rt file systems. Also add documentation describing the max_open_zones sysfs attribute exposed in /sys/fs/xfs/<dev>/zoned/ Fixes: 4e4d52075577 ("xfs: add the zoned space allocator") Signed-off-by: Hans Holmberg <hans.holmberg@wdc.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Darrick J. Wong <djwong@kernel.org> Signed-off-by: Carlos Maiolino <cem@kernel.org> 2025-04-14T08:41:33Z Hans Holmberg Hans.Holmberg@wdc.com 2025-03-25T09:10:49Z urn:sha1:845abeb1f06a8a44e21314460eeb14cddfca52cc Presently we start garbage collection late - when we start running out of free zones to backfill max_open_zones. This is a reasonable default as it minimizes write amplification. The longer we wait, the more blocks are invalidated and reclaim cost less in terms of blocks to relocate. Starting this late however introduces a risk of GC being outcompeted by user writes. If GC can't keep up, user writes will be forced to wait for free zones with high tail latencies as a result. This is not a problem under normal circumstances, but if fragmentation is bad and user write pressure is high (multiple full-throttle writers) we will "bottom out" of free zones. To mitigate this, introduce a zonegc_low_space tunable that lets the user specify a percentage of how much of the unused space that GC should keep available for writing. A high value will reclaim more of the space occupied by unused blocks, creating a larger buffer against write bursts. This comes at a cost as write amplification is increased. To illustrate this using a sample workload, setting zonegc_low_space to 60% avoids high (500ms) max latencies while increasing write amplification by 15%. Signed-off-by: Hans Holmberg <hans.holmberg@wdc.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Carlos Maiolino <cem@kernel.org> 2025-04-09T10:42:09Z Josh Poimboeuf jpoimboe@kernel.org 2025-04-08T21:47:35Z urn:sha1:83f6665a49c3d44ad0c08f837d352dd290f5d10b Create a document to summarize hard-earned knowledge about RSB-related mitigations, with references, and replace the overly verbose yet incomplete comments with a reference to the document. Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Ingo Molnar <mingo@kernel.org> Link: https://lore.kernel.org/r/ab73f4659ba697a974759f07befd41ae605e33dd.1744148254.git.jpoimboe@kernel.org 2025-04-09T10:27:08Z Andy Shevchenko andriy.shevchenko@linux.intel.com 2025-04-07T17:22:14Z urn:sha1:996457176bb7c64b3d30996592c754205ec4d3ea First of all, using 'mmio' prevents proper implementation of 8-bit accessors. Second, it's simply inconsistent with uart8250 set of options. Rename it to 'mmio32'. While at it, remove rather misleading comment in the documentation. From now on mmio32 is self-explanatory and pciserial supports not only 32-bit MMIO accessors. Also, while at it, fix the comment for the "pciserial" case. The comment seems to be a copy'n'paste error when mentioning "serial" instead of "pciserial" (with double quotes). Fix this. With that, move it upper, so we don't calculate 'buf' twice. Fixes: 3181424aeac2 ("x86/early_printk: Add support for MMIO-based UARTs") Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by: Ingo Molnar <mingo@kernel.org> Reviewed-by: Denis Mukhin <dmukhin@ford.com> Link: https://lore.kernel.org/r/20250407172214.792745-1-andriy.shevchenko@linux.intel.com 2025-04-04T23:58:34Z Linus Torvalds torvalds@linux-foundation.org 2025-04-04T23:58:34Z urn:sha1:dd9db3bff8ec419ab0e5f18092f89a8fddc37f15 Pull more s390 updates from Vasily Gorbik: - Fix machine check handler _CIF_MCCK_GUEST bit setting by adding the missing base register for relocated lowcore address - Fix build failure on older linkers by conditionally adding the -no-pie linker option only when it is supported - Fix inaccurate kernel messages in vfio-ap by providing descriptive error notifications for AP queue sharing violations - Fix PCI isolation logic by ensuring non-VF devices correctly return false in zpci_bus_is_isolated_vf() - Fix PCI DMA range map setup by using dma_direct_set_offset() to add a proper sentinel element, preventing potential overruns and translation errors - Cleanup header dependency problems with asm-offsets.c - Add fault info for unexpected low-address protection faults in user mode - Add support for HOTPLUG_SMT, replacing the arch-specific "nosmt" handling with common code handling - Use bitop functions to implement CPU flag helper functions to ensure that bits cannot get lost if modified in different contexts on a CPU - Remove unused machine_flags for the lowcore * tag 's390-6.15-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log s390/pci: Fix dev.dma_range_map missing sentinel element s390/mm: Dump fault info in case of low address protection fault s390/smp: Add support for HOTPLUG_SMT s390: Fix linker error when -no-pie option is unavailable s390/processor: Use bitop functions for cpu flag helper functions s390/asm-offsets: Remove ASM_OFFSETS_C s390/asm-offsets: Include ftrace_regs.h instead of ftrace.h s390/kvm: Split kvm_host header file s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs s390/lowcore: Remove unused machine_flags s390/entry: Fix setting _CIF_MCCK_GUEST with lowcore relocation